共计 1836 个字符,预计需要花费 5 分钟才能阅读完成。
安装
Since it doesn’t seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-autocertbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
快速上手
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates certificate installation.
$ sudo ./path/to/certbot-auto --apacheRunning this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you’re feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonlysubcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
定时更新证书
Certbot can be configured to renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days, it’s highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renewAn example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
楼主贴出自己的定时任务代码吧
0 0 1 * * sudo /root/certbot-auto renew
5 0 1 * * service httpd restart
